@@ -52,13 +52,16 @@ In versions of Node.js prior to v6, `Buffer` instances were created using the
5252differently based on what arguments are provided:
5353
5454* Passing a number as the first argument to ` Buffer() ` (e.g. ` new Buffer(10) ` ),
55- allocates a new ` Buffer ` object of the specified size. The memory allocated
56- for such ` Buffer ` instances is * not* initialized and * can contain sensitive
57- data* . Such ` Buffer ` instances * must* be initialized * manually* by using either
58- [ ` buf.fill(0) ` ] [ `buf.fill()` ] or by writing to the ` Buffer ` completely. While
59- this behavior is * intentional* to improve performance, development experience
60- has demonstrated that a more explicit distinction is required between creating
61- a fast-but-uninitialized ` Buffer ` versus creating a slower-but-safer ` Buffer ` .
55+ allocates a new ` Buffer ` object of the specified size. Prior to Node.js 8.0.0,
56+ the memory allocated for such ` Buffer ` instances is * not* initialized and
57+ * can contain sensitive data* . Such ` Buffer ` instances * must* be subsequently
58+ initialized by using either [ ` buf.fill(0) ` ] [ `buf.fill()` ] or by writing to the
59+ ` Buffer ` completely. While this behavior is * intentional* to improve
60+ performance, development experience has demonstrated that a more explicit
61+ distinction is required between creating a fast-but-uninitialized ` Buffer `
62+ versus creating a slower-but-safer ` Buffer ` . Starting in Node.js 8.0.0,
63+ ` Buffer(num) ` and ` new Buffer(num) ` will return a ` Buffer ` with initialized
64+ memory.
6265* Passing a string, array, or ` Buffer ` as the first argument copies the
6366 passed object's data into the ` Buffer ` .
6467* Passing an [ ` ArrayBuffer ` ] returns a ` Buffer ` that shares allocated memory with
@@ -427,6 +430,9 @@ console.log(buf2.toString());
427430<!-- YAML
428431deprecated: v6.0.0
429432changes:
433+ - version: v8.0.0
434+ pr-url: https://github.com/nodejs/node/pull/12141
435+ description: new Buffer(size) will return zero-filled memory by default.
430436 - version: v7.2.1
431437 pr-url: https://github.com/nodejs/node/pull/9529
432438 description: Calling this constructor no longer emits a deprecation warning.
@@ -444,21 +450,17 @@ Allocates a new `Buffer` of `size` bytes. If the `size` is larger than
444450[ ` buffer.kMaxLength ` ] or smaller than 0, a [ ` RangeError ` ] will be thrown.
445451A zero-length ` Buffer ` will be created if ` size ` is 0.
446452
447- Unlike [ ` ArrayBuffers ` ] [ `ArrayBuffer` ] , the underlying memory for ` Buffer ` instances
448- created in this way is * not initialized* . The contents of a newly created ` Buffer `
449- are unknown and * could contain sensitive data* . Use
450- [ ` Buffer.alloc(size) ` ] [ `Buffer.alloc()` ] instead to initialize a ` Buffer ` to zeroes.
453+ Prior to Node.js 8.0.0, the underlying memory for ` Buffer ` instances
454+ created in this way is * not initialized* . The contents of a newly created
455+ ` Buffer ` are unknown and * may contain sensitive data* . Use
456+ [ ` Buffer.alloc(size) ` ] [ `Buffer.alloc()` ] instead to initialize a ` Buffer `
457+ to zeroes.
451458
452459Example:
453460
454461``` js
455462const buf = new Buffer (10 );
456463
457- // Prints: (contents may vary): <Buffer 48 21 4b 00 00 00 00 00 30 dd>
458- console .log (buf);
459-
460- buf .fill (0 );
461-
462464// Prints: <Buffer 00 00 00 00 00 00 00 00 00 00>
463465console .log (buf);
464466```
@@ -2595,7 +2597,7 @@ Allocates a new `Buffer` of `size` bytes. If the `size` is larger than
25952597A zero-length ` Buffer ` will be created if ` size ` is 0.
25962598
25972599The underlying memory for ` SlowBuffer ` instances is * not initialized* . The
2598- contents of a newly created ` SlowBuffer ` are unknown and could contain
2600+ contents of a newly created ` SlowBuffer ` are unknown and may contain
25992601sensitive data. Use [ ` buf.fill(0) ` ] [ `buf.fill()` ] to initialize a ` SlowBuffer ` to zeroes.
26002602
26012603Example:
0 commit comments